Ask Zac
General Admin intermediate 20 minutes

How to configure sign-in methods and authentication

Learn how to configure sign-in methods and authentication. Step-by-step guide for Zoom administrators with prerequisites, detailed instructions, and troubleshooting tips.

Published February 26, 2026

Configuring sign-in methods and authentication in Zoom is crucial for securing your organization’s meetings and webinars. This involves setting up authentication profiles to restrict meeting access to signed-in users, configuring single sign-on (SSO) for ease of access and enhanced security, and managing device sign-in permissions. Use this guide to navigate the Zoom admin portal and implement these configurations.

Prerequisites

  • You must be a Zoom account owner or administrator with the necessary privileges.
  • Understand your organization’s security policies regarding user authentication.
  • If implementing SSO, have the necessary information from your identity provider (IdP) available, such as the SSO URL and certificate.
  • Have a Zoom Pro, Business, or Enterprise account.

Configuring Authentication Settings and Profiles

This section outlines how to set up authentication profiles to control who can join your Zoom meetings and webinars.

  1. Access Account Management: Sign in to the Zoom web portal as an administrator. Navigate to Account Management and then select Account Settings.
  2. Locate Authentication Options: In the Account Settings, find the Security section. Scroll down to the Authentication Options section.
  3. Enable Required Authentication: Select the authentication methods you want to require for meetings and webinars hosted by users in your account. Options include:
    • Zoom Users: Require participants to sign in with a Zoom account.
    • External Authentication: Allow participants to authenticate through a configured SSO provider.
    • Specific Domains: Restrict participants to Zoom users whose email addresses match a specified domain.
  4. Create Authentication Profiles: To create more granular control, click Add Authentication Exception. You can then create an authentication profile.
  5. Name the Profile: Give your profile a descriptive name so it’s easy to identify.
  6. Specify Authentication Method: Select the authentication method for this profile (Zoom, SSO, or specific domains). If choosing SSO, you will be prompted to select a previously configured SSO profile. If choosing Specific Domains, enter the allowed domains.
  7. Save the Profile: Click Save to save your new authentication profile.
  8. Apply to Meetings/Webinars: When scheduling a meeting or webinar, hosts can now select the desired authentication profile under the meeting or webinar settings in the “Security” section.
  9. Configuring Zoom Events and Zoom Webinars Plus with Azure: If you want to use Azure as your SSO provider, make sure to configure an authentication profile specifically for Azure. This generally involves inputting your Azure AD application ID and other settings.
  10. Apply Authentication Profiles to Webinar Plus: Zoom Webinars Plus hosts can now apply the authentication profile during webinar scheduling.

Configuring Single Sign-On (SSO)

This section details how to set up SSO for your Zoom account, allowing users to sign in with their existing credentials.

  1. Access SSO Settings: In the Zoom web portal, navigate to Advanced, then select SSO.
  2. Provide SSO Information: Input the required information from your identity provider (IdP):
    • Sign-in page URL: The URL where users are redirected to sign in through your IdP.
    • Sign-out page URL: (Optional) The URL users are redirected to after signing out of Zoom.
    • Identity provider certificate: The certificate used to verify the authenticity of the IdP.
  3. Mapping Advanced Options:
    • Service Provider (SP) Entity ID: You can set the SP Entity ID to something that matches your company’s standards if needed.
    • Name ID Format: Specify the format of the Name ID sent by your IdP. Generally, this will be urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress.
  4. Configure Provisioning (Optional): Configure automated user provisioning if your IdP supports it. This can streamline user onboarding and offboarding.
  5. Test the Connection: Before enabling SSO for all users, test the connection to ensure it’s working correctly. Click Test SSO and follow the prompts.
  6. Enable SSO: Once you’ve confirmed the connection is working, enable SSO for your account. Users will now be able to sign in to Zoom using their IdP credentials.
  7. Linking Existing Accounts (If applicable): Encourage existing Zoom users to link their accounts to their SSO credentials. This can be done through their Zoom profile settings. See Linking your Zoom account to another sign-in method.

Managing Device Sign-Ins

Control which devices can sign in to Zoom within your organization.

  1. Access Device Management: Sign in to the Zoom web portal as an administrator. Navigate to Device Management.
  2. Block Sign-ins from Appliances: Account owners and admins can block users from signing in to Zoom from unmanaged Zoom Phone appliances. This setting is located at the Device Management account level. Navigate to Account Settings, then find “Allow users to sign-in to unmanaged Zoom Phone Appliances”.
  3. Auto Sign-in with a Third Party MDM: Devices that are enrolled in a third party MDM can be assigned to a specific Zoom Room. This process enables auto sign-in. Refer to Enabling auto sign-in with a third party MDM for details.

Common Issues

  • Users cannot sign in with SSO:
    • Verify the SSO settings in the Zoom web portal are correctly configured.
    • Ensure the IdP is configured to allow access to the Zoom application.
    • Check the IdP logs for any errors during the authentication process.
  • Authentication profiles are not applied:
    • Confirm that the host selected the correct authentication profile when scheduling the meeting or webinar.
    • Verify that the authentication profile is enabled at the account or group level.
  • Users are prompted for passwords after SSO:
    • Make sure the ‘Enforce SSO’ setting is enabled to prevent users from bypassing SSO.
    • Advise users to clear their browser cache and cookies and try again.
  • Cannot create Zoom account with Google, Apple, or Facebook.
  • Azure configuration problems: Ensure you have given correct permissions to Zoom’s Azure application.

Frequently Asked Questions

What sign-in methods are available to configure?

You can configure password-based authentication, single sign-on (SSO) using SAML or OIDC, multi-factor authentication (MFA), and social sign-in options like Google or Facebook. The available options will depend on your specific platform and subscription level.

How do I enforce multi-factor authentication (MFA) for all users?

To enforce MFA, typically you'll find the settings within your platform's security or authentication policies. You can usually enable a global setting that requires all users to enroll in and use MFA before accessing their accounts.

What is the difference between SAML and OIDC for SSO?

SAML (Security Assertion Markup Language) is an older, more established standard for SSO, while OIDC (OpenID Connect) is a newer protocol built on top of OAuth 2.0. OIDC is generally preferred for its enhanced security and flexibility, especially for mobile and API-driven applications.

Can I customize the sign-in page with my company's branding?

Many platforms allow you to customize the sign-in page with your company logo, colors, and other branding elements. This can usually be found in the platform's administrative settings under branding or customization options.

Need help configuring this?

Ask Zac can walk you through the setup step by step, or configure it for you automatically.

Try Ask Zac →